<?PHP
// Direct-access guard: abort unless the _XR_EXEC constant is already defined.
// NOTE(review): presumably the application's entry script defines it; it is not defined in this file.
defined('_XR_EXEC') or die();
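/**
 * Login controller: member login/logout and administrator login/logout.
 *
 * NOTE(review): every query in this class is assembled by string concatenation
 * and depends on format::addslash_deep() for escaping. That helper is not
 * visible here; if it is addslashes()-based, its safety depends on the
 * connection charset (multi-byte charsets such as GBK are the classic failure
 * case). If the DB layer offers bound parameters, move these queries to them.
 */
class Login_Controller extends controller{
	public function __construct(){
		parent::__construct();
	}

	/**
	 * Member login. Acts only on POST requests and always answers by exit():
	 * an error message on failure, the literal '{success:1}' on success.
	 *
	 * NOTE(review): the submitted password is compared as-is, whereas admin__()
	 * passes it through func::madepwd(). Confirm whether member passwords are
	 * stored unhashed; if so they should be migrated to password_hash().
	 * NOTE(review): there is no captcha or attempt limiting on this path.
	 */
	public function index__(){
		if (strtoupper($_SERVER['REQUEST_METHOD']) === 'POST'){
			$_POST=format::addslash_deep($_POST);
			// Missing or array-valued fields (e.g. username[]=x) must never reach the
			// SQL string; answer them like any other failed login.
			if(!isset($_POST['username'], $_POST['password']) || !is_string($_POST['username']) || !is_string($_POST['password'])){
				exit('会员编号或登录密码错误！');
			}
			$db = factory::getDBO();
			$rs = $db->loadassoc('select * from `t_user` where usertype = 2 and deleted=0 and username="'.$_POST['username'].'" and password="'.$_POST['password'].'" ');
			if(!$rs){
				exit('会员编号或登录密码错误！');
			}
			if($rs['state'] != '1'){
				exit('该会员编号已暂停使用！');
			}
			// Validity window: reject when today is before bdate or after edate.
			// NOTE(review): assumes dates::dateDiff('d', a, b) returns b - a in days; confirm.
			if(dates::dateDiff('d',$rs['bdate'],date('Y-m-d')) < 0 ){
				exit('该会员编号已超过有效期！');
			}
			if(dates::dateDiff('d',date('Y-m-d'),$rs['edate']) < 0 ){
				exit('该会员编号已超过有效期！');
			}
			/* Record the login */
			factory::module('user')->updatelogin($rs['id']);
			factory::module('user')->userlog($rs['id'],'用户登录:'.$rs['name'].'('.$rs['username'].')');
			// Issue a fresh session id before storing the authenticated identity, so an
			// id known before login cannot be reused afterwards (session fixation).
			if(session_status() === PHP_SESSION_ACTIVE){
				session_regenerate_id(true);
			}
			// NOTE(review): `select *` also copies the password column into the session.
			$_SESSION['sys_user'] = $db->loadassoc('select * from `t_user` where id="'.$rs['id'].'" ');
			exit('{success:1}');
		}
	}

	/**
	 * Administrator login. Redirects an already logged-in admin to the admin
	 * index; on POST checks the captcha, then the credentials, loads the
	 * permission list into the session and redirects. On failure it assigns
	 * login_error / login_name for the login form.
	 */
	public function admin__(){
		$m_logincheck = factory::module('user');
		if($m_logincheck->loginCheck('admin',false)){
			header('Location: '.url::build('admin','index'));
			// Stop here: header() alone does not end the request, so the POST branch
			// below would still run for an already authenticated admin.
			exit();
		}
		$login_name = '';
		$login_error = '';
		if (strtoupper($_SERVER['REQUEST_METHOD']) === 'POST'){
			$_POST=format::addslash_deep($_POST);
			// Accept only string fields; anything else is treated as absent.
			$login_name = (isset($_POST['login_name']) && is_string($_POST['login_name'])) ? $_POST['login_name'] : '';
			$login_password = (isset($_POST['login_password']) && is_string($_POST['login_password'])) ? $_POST['login_password'] : null;
			$login_seccode = (isset($_POST['login_seccode']) && is_string($_POST['login_seccode'])) ? $_POST['login_seccode'] : '';

			// Strict string comparison: with a loose != an empty or missing expected
			// code matches an empty submission, and numeric-looking strings such as
			// "1E3" and "1000" compare equal.
			// NOTE(review): func::getSecCode() is not visible here; confirm that it
			// invalidates the code after one check so a solved captcha cannot be replayed.
			$expected_seccode = (string)func::getSecCode('admin_login');
			if($expected_seccode === '' || strtoupper($login_seccode) !== $expected_seccode){
				$login_error = '验证码输入有误！';
			}else{
				$db = factory::getDBO();
				$rs = false;
				if($login_password !== null){
					// The password is hashed in its slash-escaped form, as before, so
					// existing stored hashes keep matching.
					$rs = $db->loadassoc('select * from `t_user` where usertype in (0,1) and deleted=0 and state=1 and username="'.$login_name.'" and password="'.func::madepwd($login_password).'" ');
				}
				// Require an actual row. The value loadassoc() returns for "no match" is
				// not visible here, and a bare `!== false` would accept null or an
				// empty array as a successful login.
				if(is_array($rs) && isset($rs['id'])){
					/* Record the login */
					factory::module('user')->updatelogin($rs['id']);
					factory::module('user')->userlog($rs['id'],'管理员登录');

					// Fresh session id for the privileged session (session fixation).
					if(session_status() === PHP_SESSION_ACTIVE){
						session_regenerate_id(true);
					}
					$_SESSION['sys_admin'] = $db->loadassoc('select * from `t_user` where id="'.$rs['id'].'" ');
					# Load permissions
					$_SESSION['sys_admin']['authinfo'] = array(
						'sys'=>array()
					);
					if($_SESSION['sys_admin']['usertype'] == 1){
						# System-module permissions of the user's auth group
						$mods = $db->loadassoclist('select b.k from t_authgroup_sysmod a left join t_sysmod b on a.sysmod_id=b.id where a.authgroup_id="'.$_SESSION['sys_admin']['authgroup_id'].'" ','k');
						// A failed or empty lookup leaves the permission list empty (deny)
						// rather than passing a non-array to array_keys().
						$_SESSION['sys_admin']['authinfo']['sys'] = is_array($mods) ? array_keys($mods) : array();
					}
					header('Location: '.url::build('admin','index'));
					exit();
				}else{
					$login_error = '登录账户或密码错误！';
				}
			}
		}
		// NOTE(review): login_name is request data; the template must HTML-escape it
		// on output (addslash_deep() does not make it safe for HTML).
		$this->assign('login_error',$login_error);
		$this->assign('login_name',$login_name);
	}

	/**
	 * Administrator logout: drops the admin identity from the session and
	 * redirects to the admin login page. Other session data is left in place.
	 */
	public function adminlogout__(){
		unset($_SESSION['sys_admin']);
		header('Location: '.url::build('login','admin'));
		exit();
	}

	/**
	 * Member logout: drops the member identity from the session and redirects
	 * to the home page. Other session data is left in place.
	 */
	public function logout__(){
		unset($_SESSION['sys_user']);
		header('Location: /home/index');
		exit();
	}

}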
?>